How to Use the Command 'dnstracer' (with Examples)

The ‘dnstracer’ command is a powerful tool used to trace the path of DNS queries in the Domain Name System (DNS) hierarchy, ultimately determining where a DNS server retrieves its information. This utility can be particularly useful for network administrators and developers trying to debug DNS issues by understanding the DNS resolution path and identifying potential points of failure. More detailed information can be found at the dnstracer manual page .

Use Case 1: Find out where your local DNS got the information on www.example.com

Code:

dnstracer www.example.com

Motivation:

Determining the source of DNS information for a particular domain, like www.example.com , is crucial when troubleshooting potential DNS issues. It helps identify which DNS servers have been queried and in what order, allowing you to ascertain if there’s a potential misconfiguration or latency issue in the DNS resolution path.

Explanation:

• dnstracer: This is the main command being used to trace DNS queries.
• www.example.com: This is the domain whose DNS information source you want to trace. It tells the command which domain to focus on.

Example Output:

Tracing to www.example.com via a.b.c.d, requesting type A
No.  Domain              ns2.example.com [a.b.c.d] [OK]
1    example.com         ns1.example.com [a.b.c.d] [OK]
2    example.net         ns2.example.net [a.b.c.d] [timeout]
3    root                ns1.root-servers.net [a.b.c.d] [OK]

Use Case 2: Start with a Specific DNS that you already know

Code:

dnstracer -s dns.example.org www.example.com

Motivation:

Starting a DNS trace from a known DNS server, such as dns.example.org, can be useful when you want to test or validate the DNS setup of that server, or when troubleshooting specific DNS paths. It ensures that your trace begins from a reliable or familiar starting point in the network.

Explanation:

• -s dns.example.org: The -s flag allows you to specify a starting DNS server. In this case, dns.example.org is the server from which the DNS trace will originate.
• www.example.com: This represents the domain whose DNS path you wish to trace.

Example Output:

Tracing to www.example.com via dns.example.org, requesting type A
No.  Domain              dns.example.org [a.b.c.d] [OK]
1    example.com         ns1.example.com [a.b.c.d] [OK]

Use Case 3: Only Query IPv4 Servers

Code:

dnstracer -4 www.example.com

Motivation:

IPv6 is increasingly common, but there are still many networks that use or prefer IPv4. Using the IPv4-only query ensures that only IPv4 DNS servers are queried, which can be important in networks that do not yet fully support IPv6 or when troubleshooting IPv4-specific issues.

Explanation:

• -4: This flag restricts the query to use only IPv4 servers. It’s useful when you need to isolate your DNS queries to the IPv4 network.
• www.example.com: This is the target domain for which you are tracing the DNS query using IPv4 servers only.

Example Output:

Tracing to www.example.com via IPv4 records only
No.  Domain              ns1.example-ipv4.com [192.0.2.1] [OK]

Use Case 4: Retry Each Request 5 Times on Failure

Code:

dnstracer -r 5 www.example.com

Motivation:

Network environments can exhibit occasional packet loss or temporary connectivity issues. Setting the number of retries to a higher value, such as 5, allows the command to make multiple attempts to resolve any temporary failures, which might be needed in unreliable or congested network situations.

Explanation:

• -r 5: This option specifies the number of retries for each request. The number 5 means that dnstracer will retry failed DNS queries up to five times before giving up.
• www.example.com: This is the domain for which you are tracing DNS queries, applying the retry policy specified.

Example Output:

Tracing to www.example.com, retrying each request up to 5 times on failure
Attempt 1 for ns1.example.com [failed]
Attempt 2 for ns1.example.com [success]

Use Case 5: Display All Steps During Execution

Code:

dnstracer -v www.example.com

Motivation:

Verbose output is invaluable when diagnosing DNS issues, as it provides detailed insights into each step of the DNS querying process. It can show the complete path and intermediate results, helping you pinpoint the exact step where a discrepancy or failure occurs.

Explanation:

• -v: This flag enables verbose mode, providing detailed step-by-step output of the querying process.
• www.example.com: It’s the domain you are focusing the verbose DNS trace on.

Example Output:

Verbose mode enabled: Tracing www.example.com
Step 1: Contacting root server
Step 2: Request sent to ns1.example.com [OK]
Step 3: Request sent to ns2.example.com [timeout]

Use Case 6: Display an Overview of All Received Answers After Execution

Code:

dnstracer -o www.example.com

Motivation:

When you need a summary of all the DNS responses received during the trace, using the overview option provides a clean and concise output. This can quickly inform you where your DNS queries resolved and help you verify if the resolution path aligns with expected results.

Explanation:

• -o: The overview flag captures and presents all answers received during the execution.
• www.example.com: This designates the domain for which the overview of received answers will be displayed.

Example Output:

Overview of all answers received:
- ns1.example.com [a.b.c.d] [OK]
- ns2.example.net [timeout]
- ns3.example.info [e.f.g.h] [OK]

Conclusion:

The dnstracer command is a versatile tool for diagnosing and understanding the DNS resolution paths. By using different options, like specifying a starting server, focusing on IPv4 queries only, or employing verbose mode, users can gather insights into the DNS infrastructure’s performance and configuration. Each option provides a varying level of detail or focus, which can be instrumental in network troubleshooting and optimization.